/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); try { $config = MOXMAN::getConfig(); $allItems = $config->getAll(); $licenseKey = trim($config->get("general.license")); $installed = !empty($allItems); $response->disableCache(); $response->setHeader('Content-type', 'application/json'); if ($installed && !$config->get('filesystem.rootpath')) { throw new MOXMAN_Exception("You must configure filesystem.rootpath."); } if ($request->getMethod() != 'POST') { throw new MOXMAN_Exception("Not a HTTP post request."); } if ($installed && !preg_match('/^([0-9A-Z]{4}\\-){7}[0-9A-Z]{4}$/', $licenseKey)) { throw new MOXMAN_Exception("Invalid license key specified in config."); } $authInfo = (object) array("token" => MOXMAN_Http_Csrf::createToken(MOXMAN::getConfig()->get('general.license')), "installed" => $installed, "loggedin" => MOXMAN::getAuthManager()->isAuthenticated(), "loginurl" => $config->get("authenticator.login_page", ""), "standalone" => MOXMAN::getAuthManager()->hasStandalone(), "overwrite_action" => $config->get("filesystem.overwrite_action", "")); $args = new MOXMAN_Auth_AuthInfoEventArgs(); MOXMAN::getPluginManager()->get("core")->fire("AuthInfo", $args); foreach ($args->getInfo() as $key => $value) { $authInfo->{$key} = $value; } $response->sendJson($authInfo); } catch (Exception $e) { $response->sendJson((object) array("error" => array("code" => $e->getCode(), "message" => $e->getMessage()))); } }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); $path = $request->get("path"); $names = explode('/', $request->get("names", "")); $zipName = $request->get("zipname", "files.zip"); if (count($names) === 1) { $file = MOXMAN::getFile(MOXMAN_Util_PathUtils::combine($path, $names[0])); $filter = MOXMAN_Vfs_CombinedFileFilter::createFromConfig(MOXMAN::getFile($path)->getConfig(), "download"); if (!$filter->accept($file)) { throw new MOXMAN_Exception("Invalid file name for: " . $file->getPublicPath(), MOXMAN_Exception::INVALID_FILE_NAME); } if ($file->isFile()) { $response->sendFile($file, true); return; } } // Download multiple files as zip $zipWriter = new MOXMAN_Zip_ZipWriter(array("compressionLevel" => 0)); // Setup download headers $response->disableCache(); $response->setHeader("Content-type", "application/octet-stream"); $response->setHeader("Content-Disposition", 'attachment; filename="' . $zipName . '"'); $filter = MOXMAN_Vfs_CombinedFileFilter::createFromConfig(MOXMAN::getFile($path)->getConfig(), "download"); // Combine files to zip foreach ($names as $name) { $fromFile = MOXMAN::getFile(MOXMAN_Util_PathUtils::combine($path, $name)); $this->addZipFiles($fromFile, $fromFile->getParent(), $filter, $zipWriter); } $response->sendContent($zipWriter->toString()); }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); if ($request->get("json")) { $instance = new MOXMAN_Core_JsonRpcHandler(); $instance->processRequest($httpContext); } // TODO: Make this nicer, switch? $action = strtolower($request->get("action", "")); if ($action == "download") { $instance = new MOXMAN_Core_DownloadHandler(); $instance->processRequest($httpContext); } if ($action == "upload") { $instance = new MOXMAN_Core_UploadHandler(); $instance->processRequest($httpContext); } if ($action == "streamfile") { $instance = new MOXMAN_Core_StreamFileHandler($this); $instance->processRequest($httpContext); } if ($action == "language") { $instance = new MOXMAN_Core_LanguageHandler($this); $instance->processRequest($httpContext); } // @codeCoverageIgnoreStart if ($action == "pluginjs") { $instance = new MOXMAN_Core_PluginJsHandler($this); $instance->processRequest($httpContext); } // @codeCoverageIgnoreEnd }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); $response->disableCache(); $response->setHeader('Content-type', 'text/javascript'); // Set prefix if it's a tinymce language pack or not $prefix = MOXMAN_ROOT . '/langs/moxman_'; if ($request->get("tinymce")) { $prefix = MOXMAN_ROOT . '/langs/'; } // Load TinyMCE specific pack if it exists $langCode = preg_replace('/[^a-z_\\-]/i', '', $request->get('code')); if ($langCode) { $langFile = $prefix . $langCode . '.js'; if (file_exists($langFile)) { $response->sendContent(file_get_contents($langFile)); return; } } // Fallback to configured language pack $langCode = MOXMAN::getConfig()->get("general.language"); if ($langCode) { $langFile = $prefix . $langCode . '.js'; if (file_exists($langFile)) { $response->sendContent(file_get_contents($langFile)); return; } } }
/** * Sends the specified file with the correct mime type back to the browser. * This method gets called from the client side using the stream file. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); try { $file = MOXMAN::getFile($request->get("path")); } catch (Exception $e) { $response->setStatus("500", "Could not resolve path: " . $request->get("path")); if (MOXMAN::getLogger()) { MOXMAN::getLogger()->debug("Could not resolve path: " . $request->get("path")); } return; } // Create thumbnail if ($request->get("thumb")) { try { $file = $this->plugin->createThumbnail($file); } catch (Exception $e) { $response->setStatus("500", "Could not generate thumbnail."); $response->sendContent("Could not generate thumbnail."); return; } } // Fire before stream event $args = new MOXMAN_Vfs_StreamEventArgs($httpContext, $file); $this->plugin->fire("BeforeStream", $args); $file = $args->getFile(); // Stream temp file if it exists if ($tempName = $request->get("tempname")) { $ext = MOXMAN_Util_PathUtils::getExtension($file->getName()); $tempName = "mcic_" . md5(session_id() . $file->getName()) . "." . $ext; $tempFilePath = MOXMAN_Util_PathUtils::combine(MOXMAN_Util_PathUtils::getTempDir(), $tempName); if (file_exists($tempFilePath)) { $response->sendLocalFile($tempFilePath); return; } } $url = $file->getUrl(); if ($url && !$request->get("stream", false)) { $response->redirect($url); } else { // Force 48h cache time $offset = 48 * 60 * 60; $response->setHeader("Cache-Control", "max-age=" . $offset); $response->setHeader("Date", gmdate("D, d M Y H:i:s", time() + $offset) . " GMT"); $response->setHeader("Expires", gmdate("D, d M Y H:i:s", time() + $offset) . " GMT"); $response->setHeader("Pragma", "public"); $response->sendFile($file); } }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $config = MOXMAN::getConfig(); $response = $httpContext->getResponse(); $response->disableCache(); $response->setHeader('Content-type', 'text/html'); if (!$config->get("general.debug")) { $response->sendContent("Debugging not configured, you need to set general.debug to true in config.php file."); return; } $request = $httpContext->getRequest(); if ($request->get("info")) { phpinfo(); return; } $sitepaths = MOXMAN_Util_PathUtils::getSitePaths(); $scriptFilename = $_SERVER["SCRIPT_FILENAME"]; if (realpath($scriptFilename) != $scriptFilename) { $scriptFilename = $scriptFilename . "<br />(" . realpath($scriptFilename) . ")"; } if (function_exists("imagecreatefromjpeg")) { $gdInfo = gd_info(); $outInfo = "Ver:" . $gdInfo["GD Version"]; $outInfo .= " GIF:" . ($gdInfo["GIF Create Support"] ? "Y" : "N"); $outInfo .= " PNG:" . ($gdInfo["PNG Support"] ? "Y" : "N"); $outInfo .= " JPEG:" . ($gdInfo["JPEG Support"] ? "Y" : "N"); } else { $outInfo = "N/A"; $gdInfo = array(); } $user = MOXMAN::getAuthManager()->getUser(); $result = array("MOXMAN_ROOT" => MOXMAN_ROOT, "realpath('.')" => realpath("."), "Config.php rootpath" => $config->get("filesystem.rootpath"), "Config.php wwwroot" => $config->get("filesystem.local.wwwroot"), "wwwroot resolve" => $sitepaths["wwwroot"], "wwwroot realpath" => realpath($sitepaths["wwwroot"]), "prefix resolve" => $sitepaths["prefix"], "storage path" => MOXMAN_Util_PathUtils::toAbsolute(MOXMAN_ROOT, $config->get("storage.path")), "storage writable" => is_writable(MOXMAN_Util_PathUtils::toAbsolute(MOXMAN_ROOT, $config->get("storage.path"))), "script filename" => $scriptFilename, "script name" => $_SERVER["SCRIPT_NAME"], "GD" => $outInfo, "memory_limit" => @ini_get("memory_limit"), "upload_max_filesize" => @ini_get("upload_max_filesize"), "post_max_size" => @ini_get("post_max_size"), "file_uploads" => @ini_get("file_uploads") ? "Yes" : "No", "PHP Version" => phpversion(), "Time" => date('Y-m-d H:i:s', time()), "Time UTC" => date('Y-m-d H:i:s', time() - date("Z")), "Authenticated" => MOXMAN::getAuthManager()->isAuthenticated(), "User" => $user ? $user->getName() : "N/A"); $out = "<html><body><table border='1'>"; foreach ($result as $name => $value) { if ($value === true) { $value = "True"; } else { if ($value === false) { $value = "False"; } } $out .= "<tr>"; $out .= "<td>" . $name . " </td><td>" . $value . " </td>"; $out .= "</tr>"; } $out .= "</table><a href='?action=debug&info=true'>Show phpinfo</a>"; $out .= "</body></html>"; $response->sendContent($out); }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); $response->setHeader('Content-type', 'text/javascript'); $config = MOXMAN::getConfig(); $plugins = explode(',', $config->get("general.plugins")); $content = ""; foreach ($plugins as $plugin) { $path = MOXMAN_PLUGINS . '/' . $plugin . '/Plugin.js'; if (file_exists($path)) { $content .= file_get_contents($path); } } $response->sendContent($content); }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); $langCode = preg_replace('/[^a-z_\\-]/i', '', $request->get('code', MOXMAN::getConfig()->get("general.language"))); $response->disableCache(); $response->setHeader('Content-type', 'text/javascript'); if ($request->get("tinymce")) { $langFile = MOXMAN_ROOT . '/langs/' . $langCode . '.js'; } else { $langFile = MOXMAN_ROOT . '/langs/moxman_' . $langCode . '.js'; } if (file_exists($langFile)) { $response->sendContent(file_get_contents($langFile)); } }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $config = MOXMAN::getConfig(); if (!$config->get("general.debug")) { return; } $request = $httpContext->getRequest(); if ($request->get("info")) { phpinfo(); die; } $response = $httpContext->getResponse(); $response->disableCache(); $response->setHeader('Content-type', 'text/html'); $sitepaths = MOXMAN_Util_PathUtils::getSitePaths(); $scriptFilename = $_SERVER["SCRIPT_FILENAME"]; if (realpath($scriptFilename) != $scriptFilename) { $scriptFilename = $scriptFilename . "<br />(" . realpath($scriptFilename) . ")"; } $result = array("MOXMAN_ROOT" => MOXMAN_ROOT, "realpath('.')" => realpath("."), "Config.php rootpath" => $config->get("filesystem.rootpath"), "Config.php wwwroot" => $config->get("filesystem.local.wwwroot"), "wwwroot resolve" => $sitepaths["wwwroot"], "wwwroot realpath" => realpath($sitepaths["wwwroot"]), "prefix resolve" => $sitepaths["prefix"], "storage path" => MOXMAN_Util_PathUtils::toAbsolute(MOXMAN_ROOT, $config->get("storage.path")), "storage writable" => is_writable(MOXMAN_Util_PathUtils::toAbsolute(MOXMAN_ROOT, $config->get("storage.path"))), "script filename" => $scriptFilename, "script name" => $_SERVER["SCRIPT_NAME"]); $out = "<html><body><table border='1'>"; foreach ($result as $name => $value) { if ($value === true) { $value = "True"; } else { if ($value === false) { $value = "False"; } } $out .= "<tr>"; $out .= "<td>" . $name . " </td><td>" . $value . " </td>"; $out .= "</tr>"; } $out .= "</table><a href='?action=debug&info=true'>Show phpinfo</a>"; $out .= "</body></html>"; $response->sendContent($out); }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); $response->disableCache(); $response->setHeader('Content-type', 'application/json'); @set_time_limit(5 * 60); // 5 minutes execution time $id = null; try { $json = MOXMAN_Util_Json::decode($request->get("json")); // Check if we should install if ($json && $json->method != "install") { $config = MOXMAN::getConfig()->getAll(); if (empty($config) || !isset($config["general.license"])) { $exception = new MOXMAN_Exception("Installation needed.", MOXMAN_Exception::NEEDS_INSTALLATION); throw $exception; } if (!preg_match('/^([0-9A-Z]{4}\\-){7}[0-9A-Z]{4}$/', trim($config["general.license"]))) { throw new MOXMAN_Exception("Invalid license: " . $config["general.license"]); } } // Check if the user is authenticated or not if (!MOXMAN::getAuthManager()->isAuthenticated()) { if (!isset($json->method) || !preg_match('/^(login|logout|install)$/', $json->method)) { $exception = new MOXMAN_Exception("Access denied by authenticator(s).", MOXMAN_Exception::NO_ACCESS); $exception->setData(array("login_url" => MOXMAN::getConfig()->get("authenticator.login_page"))); throw $exception; } } if ($json && isset($json->id) && isset($json->method) && isset($json->params)) { $id = $json->id; $params = $json->params; $result = null; if (isset($params->access)) { MOXMAN::getAuthManager()->setClientAuthData($params->access); } $plugins = MOXMAN::getPluginManager()->getAll(); foreach ($plugins as $plugin) { if ($plugin instanceof MOXMAN_ICommandHandler) { $result = $plugin->execute($json->method, $json->params); if ($result !== null) { break; } } } if ($result === null) { throw new Exception("Method not found: " . $json->method, -32601); } $response->sendJson((object) array("jsonrpc" => "2.0", "result" => $result, "id" => $id)); } else { throw new Exception("Invalid Request.", -32600); } MOXMAN::dispose(); } catch (Exception $e) { MOXMAN::dispose(); $message = $e->getMessage(); $data = null; if (MOXMAN::getConfig()->get("general.debug")) { $message .= "\n\nStacktrace:\n"; $trace = $e->getTrace(); array_shift($trace); $message .= $e->getFile() . ":" . $e->getLine() . "\n"; foreach ($trace as $item) { if (isset($item["file"]) && isset($item["line"])) { $message .= $item["file"] . ":" . $item["line"] . "\n"; } } } if ($e instanceof MOXMAN_Exception && !$data) { $data = $e->getData(); } $response->sendJson((object) array("jsonrpc" => "2.0", "error" => array("code" => $e->getCode(), "message" => $message, "data" => $data), "id" => $id)); } }
/** * Process a request using the specified context. * * @param MOXMAN_Http_Context $httpContext Context instance to pass to use for the handler. */ public function processRequest(MOXMAN_Http_Context $httpContext) { $tempFilePath = null; $chunkFilePath = null; $request = $httpContext->getRequest(); $response = $httpContext->getResponse(); try { // Check if the user is authenticated or not if (!MOXMAN::getAuthManager()->isAuthenticated()) { if (!isset($json->method) || !preg_match('/^(login|logout)$/', $json->method)) { $exception = new MOXMAN_Exception("Access denied by authenticator(s).", 10); $exception->setData(array("login_url" => MOXMAN::getConfig()->get("authenticator.login_page"))); throw $exception; } } $file = MOXMAN::getFile($request->get("path")); $config = $file->getConfig(); if ($config->get('general.demo')) { throw new MOXMAN_Exception("This action is restricted in demo mode.", MOXMAN_Exception::DEMO_MODE); } $maxSizeBytes = preg_replace("/[^0-9.]/", "", $config->get("upload.maxsize")); if (strpos(strtolower($config->get("upload.maxsize")), "k") > 0) { $maxSizeBytes = round(floatval($maxSizeBytes) * 1024); } if (strpos(strtolower($config->get("upload.maxsize")), "m") > 0) { $maxSizeBytes = round(floatval($maxSizeBytes) * 1024 * 1024); } function generateRandomString($length = 10) { $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charactersLength = strlen($characters); $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $charactersLength - 1)]; } return $randomString; } $filename = generateRandomString() . '.' . MOXMAN_Util_PathUtils::getExtension($request->get("name")); $id = $request->get("id"); $loaded = intval($request->get("loaded", "0")); $total = intval($request->get("total", "-1")); $file = MOXMAN::getFile($file->getPath(), $filename); // Generate unique id for first chunk // TODO: We should cleanup orphan ID:s if upload fails etc if ($loaded == 0) { $id = uniqid(); } // Setup path to temp file based on id $tempFilePath = MOXMAN_Util_PathUtils::combine(MOXMAN_Util_PathUtils::getTempDir(), "mcupload_" . $id . "." . MOXMAN_Util_PathUtils::getExtension($file->getName())); $chunkFilePath = MOXMAN_Util_PathUtils::combine(MOXMAN_Util_PathUtils::getTempDir(), "mcupload_chunk_" . $id . "." . MOXMAN_Util_PathUtils::getExtension($file->getName())); if (!$file->canWrite()) { throw new MOXMAN_Exception("No write access to path: " . $file->getPublicPath(), MOXMAN_Exception::NO_WRITE_ACCESS); } if ($total > $maxSizeBytes) { throw new MOXMAN_Exception("File size to large: " . $file->getPublicPath(), MOXMAN_Exception::FILE_SIZE_TO_LARGE); } // Operations on first chunk if ($loaded == 0) { // Fire before file action add event $args = new MOXMAN_Core_FileActionEventArgs("add", $file); $args->getData()->fileSize = $total; MOXMAN::getPluginManager()->get("core")->fire("BeforeFileAction", $args); $file = $args->getFile(); if ($file->exists()) { if (!$config->get("upload.overwrite") && !$request->get("overwrite")) { throw new MOXMAN_Exception("Target file exists: " . $file->getPublicPath(), MOXMAN_Exception::FILE_EXISTS); } else { MOXMAN::getPluginManager()->get("core")->deleteThumbnail($file); $file->delete(); } } $filter = MOXMAN_Vfs_CombinedFileFilter::createFromConfig($config, "upload"); if ($filter->accept($file) !== MOXMAN_Vfs_CombinedFileFilter::ACCEPTED) { throw new MOXMAN_Exception("Invalid file name for: " . $file->getPublicPath(), MOXMAN_Exception::INVALID_FILE_NAME); } } $blobSize = 0; $inputFile = $request->getFile("file"); if (!$inputFile) { throw new MOXMAN_Exception("No input file specified."); } if ($loaded === 0) { // Check if we should mock or not if (defined('PHPUNIT')) { if (!copy($inputFile['tmp_name'], $tempFilePath)) { throw new MOXMAN_Exception("Could not move the uploaded temp file."); } } else { if (!move_uploaded_file($inputFile['tmp_name'], $tempFilePath)) { throw new MOXMAN_Exception("Could not move the uploaded temp file."); } } $blobSize = filesize($tempFilePath); } else { // Check if we should mock or not if (defined('PHPUNIT')) { if (!copy($inputFile['tmp_name'], $chunkFilePath)) { throw new MOXMAN_Exception("Could not move the uploaded temp file."); } } else { if (!move_uploaded_file($inputFile['tmp_name'], $chunkFilePath)) { throw new MOXMAN_Exception("Could not move the uploaded temp file."); } } $in = fopen($chunkFilePath, 'r'); if ($in) { $out = fopen($tempFilePath, 'a'); if ($out) { while ($buff = fread($in, 8192)) { $blobSize += strlen($buff); fwrite($out, $buff); } fclose($out); } fclose($in); } unlink($chunkFilePath); } // Import file when all chunks are complete if ($total == -1 || $loaded + $blobSize == $total) { clearstatcache(); // Check if file is valid on last chunk we also check on first chunk but not in the onces in between $filter = MOXMAN_Vfs_CombinedFileFilter::createFromConfig($config, "upload"); if ($filter->accept($file) !== MOXMAN_Vfs_CombinedFileFilter::ACCEPTED) { throw new MOXMAN_Exception("Invalid file name for: " . $file->getPublicPath(), MOXMAN_Exception::INVALID_FILE_NAME); } // Resize the temporary blob if ($config->get("upload.autoresize") && preg_match('/gif|jpe?g|png/i', MOXMAN_Util_PathUtils::getExtension($tempFilePath)) === 1) { $size = getimagesize($tempFilePath); $maxWidth = $config->get('upload.max_width'); $maxHeight = $config->get('upload.max_height'); if ($size[0] > $maxWidth || $size[1] > $maxHeight) { $imageAlter = new MOXMAN_Media_ImageAlter(); $imageAlter->load($tempFilePath); $imageAlter->resize($maxWidth, $maxHeight, true); $imageAlter->save($tempFilePath, $config->get("upload.autoresize_jpeg_quality")); } } // Create thumbnail and upload then import local blob MOXMAN::getPluginManager()->get("core")->createThumbnail($file, $tempFilePath); $file->importFrom($tempFilePath); unlink($tempFilePath); $args = new MOXMAN_Core_FileActionEventArgs("add", $file); MOXMAN::getPluginManager()->get("core")->fire("FileAction", $args); // In case file is modified $file = $args->getFile(); $result = MOXMAN_Core_Plugin::fileToJson($file, true); } else { $result = $id; } $response->sendJson(array("jsonrpc" => "2.0", "result" => $result, "id" => null)); } catch (Exception $e) { if ($tempFilePath && file_exists($tempFilePath)) { unlink($tempFilePath); } if ($chunkFilePath && file_exists($chunkFilePath)) { unlink($chunkFilePath); } MOXMAN::dispose(); // Closes any open file systems/connections $message = $e->getMessage(); $data = null; // Add file and line number when running in debug mode // @codeCoverageIgnoreStart if (MOXMAN::getConfig()->get("general.debug")) { $message .= " " . $e->getFile() . " (" . $e->getLine() . ")"; } // @codeCoverageIgnoreEnd // Grab the data from the exception if ($e instanceof MOXMAN_Exception && !$data) { $data = $e->getData(); } // Json encode error response $response->sendJson((object) array("jsonrpc" => "2.0", "error" => array("code" => $e->getCode(), "message" => $message, "data" => $data), "id" => null)); } }